Microsoft says Chinese hackers exploited breach in corporate email system

    A cyber espionage group linked to China has remotely looted mailboxes using flaws recently discovered in Microsoft’s server software.

    The information was released last Tuesday (2) by the company and external researchers and gives an example of how the common use of programs can be used to shape a wide online network.

    Microsoft said the hackers’ action made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it calls HAFNIUM, which it described as an entity sponsored by China, but which operates outside the country.

    In a separate publication, cybersecurity company Volexity said that in January it saw hackers use one of the vulnerabilities to remotely steal “the entire contents of multiple user mailboxes”.

    All they needed to know was the details of the Exchange server and the account they wanted to loot, said Volexity. Microsoft has already released fixes for the flaws.

    Exchange is a Microsoft corporate or student email account.

    “Exchange Server is used primarily by corporate customers, and we have no evidence that hackers’ activities target individual consumers or that these attacks have an impact on other Microsoft products,” said Tom Burt, corporate vice president at Microsoft.

    China is opposed to all forms of cyber attacks, China’s Foreign Ministry spokesman Wang Wenbin told a news conference in Beijing on Wednesday.

    “China wants the media and relevant companies to take a professional and responsible attitude and base the characterizations of cyber attacks on ample evidence, rather than unfounded assumptions and accusations,” he said.

    Before Microsoft’s announcement, hackers’ increasingly aggressive movements began to attract the attention of the cybersecurity community.

    Mike McLellan, director of intelligence at Secureworks at Dell Technologies, said that prior to Microsoft’s announcement he noticed a sudden spike in Exchange server activity during Sunday night, with about 10 affected customers at his company.

    Microsoft’s suite of products has come under scrutiny since the attack on SolarWinds, the Texas-based software company that served as a springboard for various government and private sector intrusions.

    In other cases, hackers have taken advantage of the way customers have configured their Microsoft services to compromise their targets or to dive further into the affected networks.

    The hackers who pursued SolarWinds also violated Microsoft itself by accessing and downloading the source code – including elements of Exchange, the company’s email product and calendar.

    McLellan said that, for the time being, the hacking activity he saw seemed focused on spreading malicious software and preparing the ground for a potentially deeper intrusion, rather than moving aggressively to networks immediately.

    “We haven’t seen any subsequent activity yet,” he said. “We will find many companies affected, but fewer companies actually exploited.”

    Microsoft said the targets include infectious disease researchers, law firms, higher education institutions, defense companies, policy think tanks and non-governmental groups.

    Recent Articles

    How takhfifan cashback Are Changing the Way Iranians online Shopping?

    Cashback is a type of reward that you can earn when you make a purchase through a cashback website. When you shop through takhfifan...

    Travertine vs. Marble – A Comprehensive Analysis

    Introduction: Understanding the Distinctions Between Travertine and Marble Travertine and marble are two popular natural stones used in various architectural and design applications. While they...

    Getting to know the company FMDcabinets

    With over 30 years of excellence in the kitchen cabinet industry, FMDC Company has carved out a distinguished niche as a premier kitchen cabinet...

    Musical artist, football player and actor : Hasan Karimi

    Nowadays, there are many famous composers. For example, composer Hassan Karimi is very talented and famous for writing interesting songs that listeners like. Many...

    Industrialist Rasoul DanialZadeh

    Rasoul Danial Zadeh (Persian: رسول دانیال زاده ;born 24 April 1959) is an entrepreneur, industrialist, and the biggest steel producer in Iran's private sector. 1-...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox